- tools: Fix virt-host-validate SEV detection

3f9c1a4b-fix-host-validate-sev.patch
  boo#1188715

OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=906
This commit is contained in:
James Fehlig 2021-10-07 04:15:49 +00:00 committed by Git OBS Bridge
parent 73e1b007e3
commit 0d076b07d4
3 changed files with 38 additions and 0 deletions

View File

@ -0,0 +1,30 @@
commit 3f9c1a4bb8416dafdaa89358498233aa6684377c
Author: Jim Fehlig <jfehlig@suse.com>
Date: Tue Oct 5 22:34:57 2021 -0600
tools: Fix virt-host-validate SEV detection
virt-host-validate checks if AMD SEV is enabled by verifying
/sys/module/kvm_amd/parameters/sev is set to '1'. On a system
running kernel 5.13, the parameter is reported as 'Y'. To be
extra paranoid, add a check for 'y' along with 'Y' to complement
the existing check for '1'.
Fixes: https://bugzilla.opensuse.org/show_bug.cgi?id=1188715
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Index: libvirt-7.8.0/tools/virt-host-validate-common.c
===================================================================
--- libvirt-7.8.0.orig/tools/virt-host-validate-common.c
+++ libvirt-7.8.0/tools/virt-host-validate-common.c
@@ -501,7 +501,7 @@ int virHostValidateSecureGuests(const ch
return VIR_HOST_VALIDATE_FAILURE(level);
}
- if (mod_value[0] != '1') {
+ if (mod_value[0] != '1' && mod_value[0] != 'Y' && mod_value[0] != 'y') {
virHostMsgFail(level,
"AMD Secure Encrypted Virtualization appears to be "
"disabled in kernel. Add kvm_amd.sev=1 "

View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Thu Oct 7 04:14:22 UTC 2021 - James Fehlig <jfehlig@suse.com>
- tools: Fix virt-host-validate SEV detection
3f9c1a4b-fix-host-validate-sev.patch
boo#1188715
-------------------------------------------------------------------
Fri Oct 1 15:22:44 UTC 2021 - James Fehlig <jfehlig@suse.com>

View File

@ -285,6 +285,7 @@ Source6: libvirtd-relocation-server.xml
Source99: baselibs.conf
Source100: %{name}-rpmlintrc
# Upstream patches
Patch0: 3f9c1a4b-fix-host-validate-sev.patch
# Patches pending upstream review
Patch100: libxl-dom-reset.patch
Patch101: network-don-t-use-dhcp-authoritative-on-static-netwo.patch